Our Agenda
  Day 1
8:00am  Registration 
9:15am  Welcome address
Transportation networks require multiple partners to work together, frequently passing across borders and numerous jurisdictions. Security is only as strong as the weakest link in the chain and breaches can have serious knock on effects for all partners. Yet for most sectors there is no set framework or standard for organizations to work towards. This session will bring together leaders in both policy and business to discuss the regulatory landscape and how government and industry can work together to tackle security threats.

Moderator: Peter D’Ardenne, UKI Security Services Director, DXC Technology

Setting the frameworks, standards, and policies for secure transportation infrastructure
• An overview of current security requirements
• How do the needs of different modes of transportation vary?
• Working with key stakeholders to identify where standards are needed
Sonya Proctor, Director Surface Transportation, Office of Security, TSA


Unmanned Aircraft Systems: Risk and reward
• Reward: Economic, safety, and public service benefits of UAS
• Risk: Threats posed by UAS operations in the U.S.: the clueless, the careless, and the criminal
• Achieving Balance: Regulatory and legislative efforts underway to achieve safe and secure integration of UAS into the National Airspace System
Angela H. Stubblefield, Deputy Associate Administrator, Office of Security & HAZMAT Safety, Federal Aviation Administration


U.S. national maritime threat prevention: at home and abroad
• Prevention before response: deterring, detecting, denying, and detaining security threats
• Programs forming national U.S. doctrine on maritime security
• Maritime security as an international concern: coordination of nations for threat prevention
Bob Gauvin, Deputy Office Chief and Executive Director of Counter Piracy Policy Office of Commercial Vessel Compliance, US Coast Guard


International Cybersecurity Policy and Regulatory Trends in Transportation
Norma Krayem, Chair, Global Cybersecurity & Privacy Policy and Regulatory Team, Holland & Knight LLP

 10:10am  Panel discussion: What can different transportation sectors learn from each other?
• What can different transportation modes learn from each other?
• How can we incentivize information sharing, even with competitors?
• What are the barriers to reporting security incidents and how can we overcome them?
• Are new standards and frameworks needed for the evolving transportation security landscape?

Angela H. Stubblefield, Deputy Associate Administrator, Office of Security & HAZMAT Safety, Federal Aviation Administration
Sonya Proctor, Director Surface Transportation, Office of Security, TSA
Bob Gauvin, 
Deputy Office Chief and Executive Director of Counter Piracy Policy Office of Commercial Vessel Compliance, US Coast Guard
Norma Krayem
Chair, Global Cybersecurity & Privacy Policy and Regulatory Team, Holland & Knight LLP
Networking coffee break 

Transportation infrastructure is becoming increasingly digitalized, and with it comes benefits for operational efficiency and customer service. And yet with growing numbers of connected devices, there are far more potentially vulnerable entry points that transportation operators must secure.

Moderator: Jeff Davies, Senior Vice President, Business Development, ITS America
11:25am Evolving security risks in a rapidly digitalizing transportation landscape
• The benefits of digitalization for transportation organizations
• How is digital capability outstripping investment in security?
• Big Data: useful for business, valuable and vulnerable to hackers
Ray Secrest, Sr. Manager, Information Security, Tampa International Airport
11:40am  Case study: Piloting connected vehicle technology to improve safety and travel reliability

• Challenges posed by congested highways and extreme weather
• Facilitating V2V, V2I, and I2V communications with advanced dedicated short-range communication technology.
• Delivering more accurate real-time travel information.
Kebin Haller, Colonel, Wyoming Highway Patrol

11:55am Securing the digital transformation

The future is here, it’s just not evenly distributed. Digitalization and disruption drive fantasies and fears. The hearts of inanimate objects are gifted oxygen by the Internet. Hoovers dart sheepishly around our feet, drones zip busily above our heads and our cars chauffeur us to the office whilst we recline and relax. Opportunity abounds. But as humanity steps forwards, its demons pursue. Nation states, organized criminals, and terrorists seek to exploit new technologies to accelerate their agendas. This session will explore the key tenets of IoT security to understand how today we can enable tomorrow.
Simon Arnell, DXC Security Chief Technologist, DXC Technology

12:10pm  Secure communication systems
Andrew Maxymillian, President, Government Wireless Technology & Communications Association

Secure smart ticketing
• Setting open security standards for smart ticketing 
• Collaboration between vendors and operators
• Incvreasing choice and cost effectiveness
Thomas Parker, Member Representative, OSPT Alliance


Panel discussion: Opportunities and threats of the internet of things
• Overcoming challenges with legacy technology
• Future proofing for new technological developments
• Baancing security of hardware and software
• Collaborating with stakeholders from vendors and partners to customers


Kebin Haller, Colonel, Wyoming Highway Patrol
Mike Bousliman
, Chief Information Officer, Montana Department of Transportation
Ray Secrest, Sr. Manager, Information Security, Tampa International Airport
Thomas Parker, 
Member Representative, OSPT Alliance
Simon Arnell, DXC Security Chief Technologist, DXC Technology
Andrew Maxymillian, President, Government Wireless Technology & Communications Association

Networking lunch 

While transportation operators are eager to adopt new digital technologies, frequently cyber security is not taken seriously enough. This is particularly worrying due to the economically significant and potentially dangerous assets that transportation companies operate. This session will bring together cyber security experts to discuss how transportation operators must defend themselves in the new digital arena.

Moderator: Norma Krayem, Chair, Global Cybersecurity & Privacy Policy and Regulatory Team, Holland & Knight LLP
 2:10pm Cyber security audits: how secure is your network?
• What are the major weaknesses of digitized transportation networks?
• Why practical, externally organized testing is crucial to ensuring cyber security effectiveness
• Coordinating an effective cyber security exercise
Justin Smith, Senior Cyber Security Engineering Manager, Rockwell Collins
 2:25pm UK government approach to cyber security on transport

Simon Lancaster, Cyber Security, Transport Security - Coordination and Operational Response, UK Department for Transport
Saeka Ahmed, Aviation & Maritime Cyber Security Lead, UK Department for Transport

 2:40pm Separating back-end and externally-facing systems
• The proliferation of customer infotainment systems and portable devices for operations
• How have the lines between mission critical and externally facing networks been blurred by digitalization?
• Creating a barrier between networks based on risk and priority
Michael Firstenberg, Industrial Security Manager, Waterfall
 2:55pm  Cyber security; more than just an IT issue
• Standards and processes for good cyber hygiene
• Technology to reduce the chances and impact of human error
• Insider threats: do you have the right processes in place to counter them?
Vito de Santis, Director ICS/PCI Security, Risk & Compliance, MTA New York City Transit
3:10pm  Panel discussion: Adapting to an evolving cyber security threat landscape
• What are the biggest risks to cyber security?
• Which prevention and detection technologies are worth investing in?
• How can CISOs engage other silos in the organization over security measures?
• How are cyber security threats likely to develop in future?

Deborah Wheeler
, Chief Information Security Officer, Delta Airlines
Vito de Santis,
Director ICS/PCI Security, Risk & Compliance, MTA New York City Transit

Justin Smith, Senior Cyber Security Engineering Manager, Rockwell Collins
Michael Firstenberg, Industrial Security Manager, Waterfall
Mohammad Yousef,
Chapter President, Control Systems Cyber Security Association International
Simon Lancaster, 
Cyber Security, Transport Security - Coordination and Operational Response, UK Department for Transport
Saeka Ahmed, 
Aviation & Maritime Cyber Security Lead, UK Department for Transport

Networking coffee break

Operational staff are key to providing the first line of defense against safety and security incidents. Digital monitoring and data analysis can provide the first signs that an incident will occur, while communications infrastructure is crucial for keeping the transportation network moving during a crisis. This session will bring operations leaders together to discuss how safety and security affect them.

Moderator: Kristina Tanasichuk, Chair & CEO, Government Technology & Services Coalition

4:25pm  Operating both effectively as well as safely and securely
• Minimizing disruption to service when introducing new security technologies, standards, and procedures
• Operating during emergencies: what is the minimum acceptable level of service?
• What’s your back up plan when things go wrong?
Alex Wiggins, Chief Systems Security & Law Enforcement Officer, LA Metro

Making the most of data for a holistic approach to security and safety risks
• How do remote sensors help operators identify risks efficiently?
• Communications infrastructure needed for smarter operations
• Accessing data in a timely manner to impact decision making capabilities
April Danos, Director of Information Technology, Greater Lafourche Port Commission, LA

4:55pm  Implementing a safety management system
Dave Goeres, Chief Safety, Security, and Technology Officer, Utah Transit Authority

Panel discussion: Operational effectiveness for safety and security
• How can security awareness become business as usual?
• How can data analytics increase efficiency?
• What is the potential of 5G communications technology?
• Gaining the best ROI by balancing technological with traditional solutions

April Danos, Director of Information Technology, Greater Lafourche Port Commission, LA
Dave Goeres, 
Chief Safety, Security, and Technology Officer, Utah Transit Authority
Alex Wiggins, 
Chief Systems Security & Law Enforcement Officer, LA Metro
David Pickeral, Entrepreneur and Strategic Advisor


Networking drinks reception 

  Day 2

Security threats are becoming more numerous and more complex, and high profile cases of companies being hacked are becoming daily news features. Transportation leaders are waking up to the reality that security breaches have the potential to cause billions of dollars in lost revenue, damage trust and reputation, and cause major loss of life among staff and the general public. This session will bring together leaders from multiple modes of transportation to discuss how to make safety and security priority from the top down.

Moderator: Michael Lowder, Principal, Michael W. Lowder & Global Associates LLC


Setting solid risk management principles
• Measuring the financial impact of safety and security incidents
• Accepting that risks are unpredictable and can never be fully mitigated

• Identifying priority areas to protect: what’s mission critical?
Greg Crabb, Chief Information Security Officer, United States Postal Service

 8:45am Engaging with employees to build an effective company-wide security and safety culture
• Do employees take security as seriously as they should?
• How can the senior leadership team lead from the top?
• Internal training, technology, and processes

Shawn Wilson, Director, Louisiana Department of Transportation

9:00am  The Industrial Immune System: Using Machine Learning & AI for OT Cyber Defense
• How new machine learning and mathematics are automating advanced threat detection
• Why 100% network visibility allows you to preempt emerging situations, in real time, across both IT and OT environments
• How smart prioritization and visualization of threats allows for better resource allocation and lower risk
• Real-world examples of detected OT threats, from non-malicious insiders to sophisticated cyber-attackers

Jeff Cornelius, EVP, ICS Solutions, Darktrace


Why a robust incident response plan is crucial for your business
• Business continuity: planning for incidents and maintaining a high quality service when things go wrong
• Minimizing the damage to your busienss after a cyber attack
• Cooperating with authorities, investigators, and solution providers
Ken Van Wyk, Advisor, The Forum of Incident Response and Security Teams (FIRST)


Panel discussion: Safety and security as a strategic priority
• How has ransomwear changed the nature of the security threat?
• Are shareholders and senior leadership teams aware of the financial costs of insufficient security?
• How can CISOs and CIOs engage others in the organization over security?
• Do all security incidents get reported? What is the right approach?

Greg Crabb, Chief Information Security Officer, United States Postal Service
Shawn Wilson, 
Director, Louisiana Department of Transportation
Ken Van Wyk, Advisor, The Forum of Incident Response and Security Teams (FIRST)
Jeff Cornelius, EVP, ICS Solutions, Darktrace

 10:00am Networking coffee break 
As transportation becomes digitized, the lines are becoming blurred between physical and digital threats. Transportation operators also have access to new technologies and techniques for conducting physical security monitoring more efficiently while keeping their networks moving.

Moderator: Alfredo Perez Jr, Principal, Perez Consulting

Cyber and physical security challenges within the maritime environment
Incorporation of cyber in terrorism
• Specific maritime cyber vulnerabilities
• Implementation of NIST requirements
• Significance of the Federal Port Security Grant Program
David Espie, Director of Security, Maryland Port Administration

11:00am   Keeping transportation moving while bolstering safety and security measures
• The downsides of safety and security measures for efficiency in moving goods and people
• What levels of screening can be introduced on mass transit?
• Using technology to screen and monitor more thoroughly and efficiently
Christopher Trucillo, Chief of Police, New Jersey Transit
 11:15am How can new technologies in airport security and screening introduce efficiencies?
Adam Steffl, Director of Airport Security, Denver International Airport
11:30am  Panel discussion: Developing a more proactive approach to physical security
• How are physical threats evolving?
• Is screening possible across all modes of transportation?
• What are the new technologies to look out for?
• What is the answer beyond new technologies?

David Espie, Director of Security, Maryland Port Administration
Christopher Trucillo
, Chief of Police, New Jersey Transit
Adam Steffl, 
Director of Airport Security, Denver International Airport
 12:00pm  Networking lunch
Your staff and customers are both some of your weaknesses and greatest assets in protecting against safety and security risks. This session will enable you to discuss your mutually-shared challenges with like-minded colleagues to come up with solutions to the challenge of outreach and engagement, both internally and externally.

Moderator: Michael Lowder, Principal, Michael W. Lowder & Global Associates LLC

Finding the right cybersecurity expertise for your organization
• Who should you recruit? Know the expertise you need, and finding those professionals
• Cybersecurity as a team sport: Training and awareness for the workforce
• Thinking about the future: what should our children know about cybersecurity?
Lynne Clark, Chief, National Information Assurance Education and Training Program, NSA

 1:00pm Crisis management
• Preparing staff for emergency situations
• Having the communication links in place with authorities and first responders
• Investing in technology for effective crisis management
Frederic Henriot, Operational Safety Director, Keolis Commuter Services
 1:15pm Public engagement: education, outreach, and technology for reducing safety and security incidents
• Outreach to increase public awareness of safety and security threats
• Making use of social media and customer communication channels for detection and emergency coordination
• Avoiding panic and misinformation
Stephen Covey, Chief of Police and Chief Security Officer, CN Railway
 1:30pm Panel discussion: The human factor of security
• What technologies can be used to monitor and identify at-risk staff members?
• What do staff struggle most with when it comes to security?
• How can security teams keep staff up to date with evolving threats?
• What are the best channels for engaging with staff and the general public?

Lynne Clark, Chief, National Information Assurance Education and Training Program, NSA
Stephen Covey, Chief of Police and Chief Security Officer, CN Railway
Frederic Henriot, 
Operational Safety Director, Keolis Commuter Services
David Budge,
Director of Security, Sun Country Airlines



End of the Transport Security Congress